5a9b74eb27007be8ed1a986a6c6cab0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a9b74eb27007be8ed1a986a6c6cab0c_JaffaCakes118
Size

148KB
MD5

5a9b74eb27007be8ed1a986a6c6cab0c
SHA1

e87d9dcca3e93a121b3328a175c84a96fe680835
SHA256

280f6cdee5c4d15e6d615531804673d5050f1612cd5b9fdb5e8c05bcb5fee53d
SHA512

8d44fa03630ad47f8c2d583cab260eb550f32d68f48e989db63c6a2bc37a88ff6b3a553e89a377a2644c1d92bf305ccd467b505cecdfdc41ecbb540a814e1d92
SSDEEP

3072:8iPM8q++PFA6SNPzYu9Va7Ilpr6rYOb1/pqyLXwa7T:d+utsu9A7cpwb1wyLH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a9b74eb27007be8ed1a986a6c6cab0c_JaffaCakes118

Files

5a9b74eb27007be8ed1a986a6c6cab0c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4ed27c86ceb868ec6fc18e8e75e1ecfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA
PathStripPathA

kernel32

lstrlenW
lstrcatA

Exports

Exports

?GetIDPromotion@252KPAUHINSTANCE__@@U_SYSTEM_INFO@@`M
?LargeScaleGroup@252KPAUHINSTANCE__@@U_SYSTEM_INFO@@`M

Sections

.idata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ